Consulting services for cybersecurity
Secure every step of the way At Dimension Data you, our client, are central to everything we do. We look at cybersecurity from your point of view. Cybersecurity lifecycle the Security Wheel Cybersecurity has a lifecycle starting with risk assessment, moving through strategy formulation, designing a solution, everyday control, and on-going management. This lifecycle, which we call the Security Wheel, forms the basis of our engagement with you. We have consulting services aligned with every stage in the lifecycle, and you can join at whatever stage is right for you. Management Consulting Our consulting services help you manage cybersecurity from every angle throughout the lifecycle by: Giving you the skills to risk less, yet achieve more Building a robust security strategy, aligned to your business goals IT security skills are scarce. The 2015 (ISC)2 Global Information Security Workforce Study carried out by Frost & Sullivan found that 62% of organisations say they have too few information security professionals (up from 56% in 2013). They estimate the shortfall in the global information security workforce will reach 1.5 million in 5 years. Finding the vulnerabilities in your infrastructure, applications, endpoints, and processes It s hardly surprising. The digitalisation of business cloud, mobile, and the Internet of Things is transforming cybersecurity. Perimeters are being pushed off premises, into the cloud, and out to exponentially-multiplying endpoints. Provisioning times are falling to minutes, threats are morphing daily, and responsibility for security is being fragmented across more and more cloud service providers. How can organisations get on top of these ever-changing risks, and acquire both the skills and the capacity to combat them? Many turn to us for our depth of expertise, our breadth of experience, and our sheer capacity to provide the security skills they need. Controls Client Identifying and evaluating the threats you face continuously Strategy Architecture Strengthening your security architecture Recommending how to repair gaps in a cost effective manner Making sure you re compliant with regulations and governance policies. We work with you to shape your business needs into a robust cybersecurity strategy and roadmap. We can then design, deploy, and project-manage your implementation to deliver technology that meets your business objectives. Consulting Strategy Architecture Controls Management Business requirements Business alignment Evaluation Platform Operations Workshops and interviews Vision and strategy Optimisation Automation Maintenance Design Configuration Support We outline below some of our main consulting services available regionally or globally, but we re very flexible about how we can engage with you. So it s best simply to talk to us about where you are, the challenges you re facing, and we ll see how we can best help you. Risk analysis Roadmap Deploy Integration Gap analysis Technical analysis Recommendations Consumption Threat intelligence
Security architecture services Network threat and vulnerability services Security penetration testing services Firewall assurance services We use our Security Architecture Assessment model as a flexible way of evaluating your security architecture, from policies to technical controls. Our network threat and vulnerability services present a snapshot of real-time activity on the network, identifying suspicious behaviour, compromises, or breaches. Penetration testing is an important element of any cybersecurity assurance programme. We ll determine the presence of weaknesses that could be exploited by malicious users to compromise your most critical infrastructure including web applications, networks, and endpoints. Our firewall assurance services help you optimise the total cost of ownership of your firewall estate in relation to your network infrastructure and security posture. We adopt a full-service approach, from analysis to deployment, to maximise return on investment, reduce migration cost, and improve application security. We take a holistic approach, reviewing your security vision and strategy, information security framework, risk management framework, and logical security architecture. We make sure they are all practical, appropriate and economically proportionate. We then assist you in remediating the root causes of any problems that we detect. Depending on your organisation s key areas of concern, an engagement can focus on: Delivered through a choice of three service level models, the outcome is a specific set of recommendations that allow you to apply your resources and controls in the most effective way to protect key assets. traffic analysis on key segments of the network Combined with a remediation roadmap, you can use the results to build a budget and resource plan, or simply align to an existing strategy for greater reassurance. identification and analysis of malware patterns on the network The assessment includes: An information gathering phase which may include interactive workshops and/or interviews to assess your current and desired state the option to choose from a selection of assessments to help validate your assumptions recommendations for improvement a cybersecurity roadmap based on business and technology initiatives. web, database, and file application access unauthorised and inappropriate use of data assets event correlation and normalisation vulnerability scanning of systems violations of existing Internet usage policies. The service is designed to capture network traffic and gather intelligence over an agreed period of time in order to present a technical risk profile. Our Network threat and vulnerability services are only available in certain geographical regions speak to us for details. We align to industry best practice and guidelines from sources such as Open Source Security Testing Methodology Manual (OSSTMM), National Institute of Standards and Technology (NIST) and The Open Web Application Security Project (OWASP). We have experience in many scenarios, and our proven penetration testing methodologies include a focus on the following: Internet-facing infrastructure internal network segments such as a demilitarised zone, or an office local area network desktop and laptop computers including stolen laptop attack scenarios Internet-facing and internal web applications wireless network infrastructure remote access and VPN infrastructure. They re flexible services which can be tailored to your needs. We can: identify and document the current state of your firewall infrastructure deliver strategies to reduce complexity, increase productivity and reduce risk develop a services map which details the use of applications and network access to better understand usage and trends identify high risk policies that may impact the confidentiality, integrity or availability, and remove any redundant, overlapping, or duplicate rules identify and document any opportunities to optimise or further refine your firewall policies or underlying architecture compare your compliance metrics against security industry best practices.
Governance, risk, and compliance services These consulting services address three core tenets of businesses today: corporate governance, risk management, and regulatory compliance. Incident response services We ll help you set the governance policies and processes that direct and control the organisation. This includes external legal, regulatory, and industry compliance requirements. Underpinned by Dimension Data s incident response framework, our incident response services provide a use-case driven model with well-established methodologies, processes and reporting to swiftly detect, respond to, and remediate a given threat. Experienced incident responders provide the coverage you need to ensure a timely response. We ll help you determine your risk appetite, based on your organisation s governance policies and processes. We offer a range of incident response services that are scalable, repeatable, comprehensive, and mature: We ll make sure you keep documentary evidence of your compliance with internal policy and process, as well as with external regulation. We help you address all these issues with global services that include: information security management system (ISMS) development organisational policy development IT policy development development and gap reviews information security management systems standard ISO/IEC 27000 payment card industry data security standards (PCI DSS). first response service incident response readiness assessment compromise assessment incident response program development incident response retainer. Our incident response services are only available in certain geographical regions speak to us for details. Why Dimension Data for security consulting? We re part of NTT, the largest communications company in the world. All the security practices of the NTT group (formerly Solutionary, NNT Comms Security, and NTTi3) have recently been brought together as NTT Security. We see 40% of all Internet traffic so we have unparalleled insight into the constantly changing threat landscape insight which we bring to all our consulting engagements. Our approach is multi-disciplinary, spanning not only the whole gamut of cybersecurity, but all the other technologies which make digital business possible: networking, data centres, cloud services, and end-user computing. We operate across all the spheres of modern IT architecture, including on-site IT, cloud services, and hybrid environments, so we appreciate the complexity and challenges involved. We operate as consulting partners, but can also deliver security as support services, managed services, or outsourced services. This means our advice is not theoretical it s informed by practical experience in delivering security services to thousands of global clients daily. This breadth of experience, combined with our deep skills in threat intelligence, infrastructure security, and the regulatory aspects of security, make us the choice of cybersecurity advisor for many global enterprise clients. Over recent years, our 700 security consultants have carried out 15,000 engagements among our 6,000 clients in 58 countries. And we enjoy strong integration partnerships with all the major security vendors, including Check Point, Cisco, Blue Coat, Intel Security, and Palo Alto, as well as a number of cutting-edge, specialist partners. Talk to us We re here to deliver for you wherever you are, at every stage of your technology journey. Whatever the particular challenge you face, we re sure we have something to offer. So talk to us about your ambitions as a digital business, and we ll see how we can help you secure them. dimensiondata.com/security CS / GLMKSEC0056 / 08/16 Copyright Dimension Data 2016
Middle East & Africa Asia Australia Europe Americas Algeria Angola Botswana Congo Burundi Democratic Republic of the Congo Gabon Ghana Kenya Malawi Mauritius Morocco Mozambique Namibia Nigeria Oman Rwanda Saudi Arabia South Africa Tanzania Uganda United Arab Emirates Zambia China Hong Kong India Indonesia Japan Korea Malaysia New Zealand Philippines Singapore Taiwan Thailand Vietnam Australian Capital Territory New South Wales Queensland South Australia Victoria Western Australia Austria Belgium Czech Republic France Germany Hungary Italy Ireland Luxembourg Netherlands Poland Portugal Slovakia Spain Switzerland United Kingdom Brazil Canada Chile Mexico United States For contact details in your region please visit dimensiondata.com/globalpresence